Senior SOC Engineer

Company: Sopra Steria
Location: Farnborough
Job Description:

Build the detections that stop threats in their tracks. We are looking for a Senior SOC Engineer (Detection) to join our growing Cyber Security team. This is a hands‑on engineering role where you’ll design and deliver high‑quality detections across Microsoft Sentinel and Splunk, helping protect critical systems and clients in real time.

This role is hybrid: two days a week in the Farnborough office, three days from home. You must be eligible for SC Clearance.

What you’ll be doing

  • Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM.
  • Write and optimise detection logic using KQL and SPL.
  • Turn monitoring requirements and use cases into effective, actionable detections.
  • Tune alerts to reduce false positives and improve SOC efficiency.
  • Validate detections against telemetry and ensure accuracy.
  • Support onboarding of log sources across cloud, infrastructure, identity and network.
  • Collaborate with SOC, Threat Intelligence and Security Architecture teams.
  • Investigate detection issues and improve performance and reliability.
  • Drive continuous improvement using automation, scripting and best practice.
  • Ensure detections are clearly documented and operationally usable.

What you’ll bring

  • Experience in SOC engineering, detection engineering or SIEM engineering.
  • Strong hands‑on experience with Microsoft Sentinel and Splunk.
  • Solid knowledge of KQL and SPL.
  • Experience building, testing and maintaining detection rules.
  • Good understanding of SIEM lifecycle management and security telemetry.
  • Knowledge of cloud environments and IT infrastructure.
  • Familiarity with frameworks such as MITRE ATT&CK.
  • Ability to analyse threats and translate them into detection capability.

Nice to have

  • Experience with SOAR (Logic Apps / Splunk SOAR).
  • Detection‑as‑code or CI/CD pipeline experience.
  • Scripting in PowerShell, Python or similar.
  • Experience with Git‑based workflows.
  • Relevant certifications (Microsoft, Splunk, Cyber Security).

Employment details

  • Employment type: Permanent.
  • Location: Hybrid – 2 days Farnborough office, 3 days from home.
  • Security clearance level: Eligible for SC Clearance.
  • Salary: Up to £80,000.
  • Benefits: 25 days annual leave (option to buy additional days), 4× life insurance, matched contributory pension up to 6%, 3% flex benefit, single private medical cover, £5,400 car allowance.

Posted: June 16th, 2026